Patents by Inventor Ari Juels

Ari Juels has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9021553
    Abstract: Methods and apparatus are provided for fraud detection and remediation in knowledge-based authentication (KBA). A knowledge-based authentication method is performed by a server for restricting access of a user to a restricted resource. The exemplary knowledge-based authentication method comprises challenging the user with one or more questions requiring knowledge by the user; receiving a response from the user to the one or more questions, wherein at least a portion of the response is encoded by the user using an encoding scheme defined between the server and the user to signal a fraudulent access attempt; and granting access to the restricted resource if one or more predefined response criteria are satisfied, wherein the one or more predefined response criteria comprises an assessment of whether the encoded portion of the response satisfies the encoding scheme. A number of exemplary encoding schemes are disclosed.
    Type: Grant
    Filed: March 30, 2012
    Date of Patent: April 28, 2015
    Assignee: EMC Corporation
    Inventors: Thomas S. Corn, Ari Juels, Nikolaos Triandopoulos
  • Patent number: 9015476
    Abstract: Methods, apparatus and articles of manufacture for implementing cryptographic devices operable in a challenge-response mode are provided herein. A method includes storing a set of authentication information in a first cryptographic device associated with a user, receiving a challenge in the first cryptographic device in connection with a user authentication request responsive to a request from the user to access a protected resource, wherein the challenge comprises an index of at least one non-sequential portion of the authentication information stored in the first cryptographic device, and outputting a non-sequential portion of the authentication information from the set of authentication information stored in the first cryptographic device in response to the challenge for use in authenticating the user.
    Type: Grant
    Filed: December 7, 2012
    Date of Patent: April 21, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Guoying Luo, Kevin D. Bowers
  • Patent number: 9008303
    Abstract: Methods and apparatus are provided for generation of forward secure pseudorandom numbers. A forward secure pseudorandom number is generated by obtaining a first state si corresponding to a current leaf node vi in a hierarchical tree, wherein the current leaf vi produces a first pseudorandom number ri?t and wherein the hierarchical tree comprises at least one chain comprised of a plurality of nodes on a given level of the hierarchical tree; updating the first state si to a second state si+t corresponding to a second leaf node vi+t; and computing a second pseudorandom number ri+t−1 corresponding to the second leaf node vi+t. The variable t may be an integer greater than one. Updating the state does not require generation of all pseudorandom numbers produced by leaf nodes between the current leaf node vi and the second leaf node vi+t.
    Type: Grant
    Filed: December 22, 2011
    Date of Patent: April 14, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Nikolaos Triandopoulos, Kevin Bowers
  • Patent number: 9009844
    Abstract: Knowledge-based authentication (KBA) is provided using historically-aware questionnaires. The KBA can obtain a plurality of historically different answers from the user to at least one question; challenge the user with the question for a given period of time; receive a response from the user to the question; and grant access to the restricted resource if the response is accurate for the given period of time based on the historically different answers. Alternatively, the KBA can be based on historically aware answers to a set of inter-related questions. The user is challenged with the inter-related questions for a given period of time. Historically different answers can comprise answers with applicable dates, or correct answers to the question over time. Historically aware answers can comprise an answer that is accurate for an indicated date or period of time. An accurate response demonstrates knowledge of multiple related personal events.
    Type: Grant
    Filed: March 30, 2012
    Date of Patent: April 14, 2015
    Assignee: EMC Corporation
    Inventors: Thomas S. Corn, Ari Juels, Nikolaos Triandopoulos
  • Patent number: 9009385
    Abstract: At least one virtual machine implemented on a given physical machine in an information processing system is able to detect the presence of one or more other virtual machines that are also co-resident on that same physical machine. More particularly, at least one virtual machine is configured to avoid usage of a selected portion of a memory resource of the physical machine for a period of time, and to monitor the selected portion of the memory resource for activity during the period of time. Detection of a sufficient level of such activity indicates that the physical machine is also being shared by at least one other virtual machine. The memory resource of the physical machine may comprise, for example, a cache memory, and the selected portion of the memory resource may comprise one or more randomly selected sets of the cache memory.
    Type: Grant
    Filed: June 30, 2011
    Date of Patent: April 14, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Alina M. Oprea, Michael Kendrick Reiter, Yinqian Zhang
  • Patent number: 8994514
    Abstract: An apparatus comprises a transceiver, a memory and a processor coupled to the memory. The processor is configured to obtain an identifier and a first set of values from a device via the transceiver, to determine a second set of values, the second set of values being based at least in part on the first set of values and a probabilistic function, to transmit the second set of values to the device via the transceiver, and to create an event indicator associated with the identifier in the memory, the event indicator comprising at least a portion of the first set of values.
    Type: Grant
    Filed: December 19, 2012
    Date of Patent: March 31, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Srdan Capkun, Davide Zanetti
  • Publication number: 20150089609
    Abstract: A password-hardening system comprises at least first and second servers. The first server is configured to store a plurality of sets of passwords for respective users with each such set comprising at least one valid password for the corresponding user and a plurality of chaff passwords for that user. The second server is configured to store at least a portion of valid password indication information indicating for each of the sets which of the passwords in that set is a valid password. The first and second servers are further configured to proactively update the sets of passwords and the valid password indication information in each of a plurality of epochs. The valid password indication information may comprise, for example, valid password index values for respective ones of the users, with the index values being stored as a shared secret across the first and second servers.
    Type: Application
    Filed: September 25, 2013
    Publication date: March 26, 2015
    Inventor: Ari Juels
  • Patent number: 8984363
    Abstract: A proof of retrievability (POR) mechanism is applicable to a data object for providing assurances of data object possession to a requesting client by transmitting only a portion of the entire data object. The client compares or examines validation values returned from predetermined validation segments of the data object with previously computed validation attributes for assessing the existence of the data object. Since the archive server does not have access to the validation function prior to the request, or challenge, from the client, the archive server cannot anticipate the validation values expected from the validation function. Further, since the validation segments from which the validation attributes, and hence the validation values were derived, are also unknown to the server, the server cannot anticipate which portions of the data object will be employed for validation.
    Type: Grant
    Filed: January 30, 2013
    Date of Patent: March 17, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Burton S. Kaliski, Jr., Kevin D. Bowers, Alina M. Oprea
  • Patent number: 8984609
    Abstract: Methods and apparatus are provided for embedding auxiliary information in one-time passcode authentication tokens. Auxiliary information is embedded in authentication information transmitted to a receiver by obtaining the auxiliary information; and mapping the auxiliary information to a codeword using a secret key, wherein the secret key is shared between the security token and an authentication authority; and combining the codeword with a tokencode generated by a security token to generate a one-time passcode. The one-time passcode can then be transmitted to the receiver.
    Type: Grant
    Filed: February 24, 2012
    Date of Patent: March 17, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Nikolaos Triandopoulos, Ronald Rivest, Marten Erik van Dijk
  • Patent number: 8984384
    Abstract: A client device or other processing device comprises a file encoding module, with the file encoding module being configured to separate a file into a plurality of sets of file blocks, to assign sets of the file blocks to respective ones of a plurality of servers, to define a plurality of parity groups each comprising a different subset of the plurality of servers, to assign, for each of the servers, each of its file blocks to at least one of the defined parity groups, and to compute one or more parity blocks for each of the parity groups. The file blocks are stored on their associated servers, and the parity blocks computed for each of the parity groups are stored on respective ones of the servers other than those within that parity group. Such an arrangement advantageously ensures that only a limited number of parity block recomputations are required in response to file block updates.
    Type: Grant
    Filed: June 30, 2010
    Date of Patent: March 17, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Kevin D. Bowers, Alina Oprea
  • Patent number: 8977847
    Abstract: A distributed challenge-response protocol is carried out between a verifier and a prover. The verifier comprises servers storing respective shares of a set of challenge-response pairs. A particular challenge of one of the challenge-response pairs is sent to the prover, and a response to the challenge is received from the prover. The received response is authenticated as an appropriate response to the particular challenge based on indications from respective ones of at least a subset of the servers as to whether or not the received response matches respective reconstructed responses computed by those servers. A given one of the servers may be configured to reconstruct the particular challenge using information associated with the share stored in the given server and information associated with at least one other share stored in at least one other server, with the reconstructed challenge then being sent to the prover as the particular challenge.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: March 10, 2015
    Assignee: EMC Corporation
    Inventor: Ari Juels
  • Patent number: 8954728
    Abstract: Improved techniques are provided for the generation of exfiltration-resilient cryptographic keys. A method is provided for generating exfiltration-resilient cryptographic keys for authentication and/or digital signing. A set of authentication information sk[i] is stored in a device associated with a user and a set of public keys pk[i] are provided to a verifier corresponding to the set of authentication information sk[i], where sk[i] is mapped to pk[i] using a hash function. The device obtains a challenge from the verifier comprising a sequence C of k indices. A response is provided to the verifier comprising elements of the set of authentication information sk[i] corresponding to the k indices. The set of authentication information sk optionally has a size that satisfies one or more leakage-resilient criteria.
    Type: Grant
    Filed: December 28, 2012
    Date of Patent: February 10, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Nikolaos Triandopoulos
  • Patent number: 8938805
    Abstract: A processing device comprises a processor coupled to a memory and implements a host-based intrusion detection system configured to permit detection of tampering with at least one software component installed on the processing device. The host-based intrusion detection system comprises a forward-secure logging module configured to record information characterizing a plurality of events occurring in the device in such a manner that modification of the recorded information characterizing the events is indicative of a tampering attack and can be detected by an authority. For example, the recorded information may comprise at least one forward-secure logging record R having entries r1, …, rn corresponding to respective ones of the events, wherein any erasure or other modification of a particular pre-existing entry ri in R by an attacker is detectable by the authority upon inspection of R.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: January 20, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Catherine V. Hart
  • Patent number: 8934940
    Abstract: A method and system for use in providing enhanced security for wireless telecommunications devices is disclosed. In at least one embodiment, the method and system may use a sensor of a wireless telecommunications device to help derive physical context data associated with the wireless telecommunications device. The physical context data can be used to determine whether the wireless telecommunications device has been moved in a gesture that is consistent with a use of the wireless telecommunications device for a specific purpose.
    Type: Grant
    Filed: December 14, 2010
    Date of Patent: January 13, 2015
    Assignee: EMC Corporation
    Inventor: Ari Juels
  • Patent number: 8930549
    Abstract: Disclosed is a method and apparatus for performing steps to cause encoded information to be stored at a client device during a first network session between a server and the client device. To cause encoded information to be stored at a client device, the server first determines a set of network resource requests that encode the information. These network resource requests may include requests for one or more specific URLs and/or requests for one or more files. The server then causes the client device to initiate the network resource requests. The server may cause this initiation by, for example, redirecting the client device to the network resources. The client device initiating the network resource requests causes data representative of the network resource requests to be stored at the client device.
    Type: Grant
    Filed: August 12, 2013
    Date of Patent: January 6, 2015
    Assignee: RavenWhite Inc.
    Inventors: Bjorn Markus Jakobsson, Ari Juels
  • Patent number: 8886316
    Abstract: An apparatus comprises a medical device configured for implantation into a living organism. The medical device comprises processing circuitry, a memory and interface circuitry configured for communication with a monitoring device. The medical device is configured to receive a request for access from the monitoring device, to measure a physiological value of the living organism, to perform a pairing protocol with the monitoring device, the pairing protocol comprising a secure channel set-up phase followed by an authentication phase, and to permit access by the monitoring device responsive to a successful pairing in accordance with the pairing protocol, the successful pairing being based at least in part on a determination that a physiological value supplied by the monitoring device substantially matches the measured physiological value. The medical device performs the secure channel set-up phase before sending the measured physiological value to the monitoring device.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: November 11, 2014
    Assignee: EMC Corporation
    Inventor: Ari Juels
  • Patent number: 8874904
    Abstract: A first cryptographic device is configured to store a set of keys that is refreshed in each of a plurality of epochs. The first cryptographic device computes for each of at least a subset of the epochs at least one view based on at least a portion of the set of keys for that epoch, and transmits the views to a second cryptographic device in association with their respective epochs. At least one view computed for a current one of the epochs is configured for utilization in combination with one or more previous views computed for one or more previous ones of the epochs to permit the second cryptographic device to confirm authenticity of the set of keys for the current epoch. The first cryptographic device may include an authentication token and the second cryptographic device may include an authentication server.
    Type: Grant
    Filed: December 13, 2012
    Date of Patent: October 28, 2014
    Assignee: EMC Corporation
    Inventors: Ari Juels, Kevin D. Bowers
  • Patent number: 8850609
    Abstract: A processing device comprising a processor coupled to a memory is configured to determine a risk of simultaneous theft of a primary device and at least one satellite device associated with the primary device, and to identify said at least one satellite device as an appropriate authentication factor for use in an authentication process involving the primary device, based at least in part on the determined risk. The identified satellite device may serve as an additional or alternative authentication factor relative to one or more other authentication factors. The processing device may comprise the primary device itself, or another separate device, such as an authentication server that also participates in the authentication process. Information associated with the identified satellite device is utilized in the authentication process to authenticate a user of the primary device.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: September 30, 2014
    Assignee: EMC Corporation
    Inventor: Ari Juels
  • Patent number: 8817988
    Abstract: An improved technique involves protecting a set of resources in a distributed computer system by scheduling epochs for replacing keys that have a variable duration. Along these lines, a Variable Epoch Scheduler (VES) generates schedules of key updates for a set of players in the distributed system such that at least two epochs in the schedules have different durations. For example, the epoch durations within a schedule may vary, or the epoch durations for different players may be different. At the end of each epoch, the VES notifies the distributed system to update the key identified in the schedule as corresponding to that epoch.
    Type: Grant
    Filed: December 31, 2012
    Date of Patent: August 26, 2014
    Assignee: EMC Corporation
    Inventors: Rachael Stockton, Robert Damon Hopley, Marten van Dijk, Ari Juels, Nikolaos Triandopoulos
  • Patent number: 8813234
    Abstract: A processing device comprises a processor coupled to a memory and implements a graph-based approach to protection of a system comprising information technology infrastructure from a persistent security threat. Attack-escalation states of the persistent security threat are assigned to respective nodes in a graph, and defensive costs for preventing transitions between pairs of the nodes are assigned to respective edges in the graph. A minimum cut of the graph is computed, and a defensive strategy is determined based on the minimum cut. The system comprising information technology infrastructure subject to the persistent security threat is configured in accordance with the defensive strategy in order to deter the persistent security threat.
    Type: Grant
    Filed: June 29, 2011
    Date of Patent: August 19, 2014
    Assignee: EMC Corporation
    Inventors: Kevin D. Bowers, Marten E. van Dijk, Ari Juels, Alina M. Oprea, Ronald L. Rivest, Nikolaos Triandopoulos